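# Accepts image uploads attached to a grid and reports the stored URL as JSON.
class ImagesController < ApplicationController

  # Every action in this controller requires the grid-editing capability.
  before_filter :image_authorize

  # Builds an Image for params[:grid_id], attaches the uploaded params[:file]
  # and saves it.
  #
  # Renders {"url": ...} when the save succeeds, otherwise the model's errors
  # serialized as JSON. Neither branch sets an explicit status.
  def create
    # NOTE(review): params[:grid_id] is taken from the request as-is and
    # can_edit_grid is called without a grid argument, so the authorization
    # does not appear to be scoped to this particular grid. Confirm that the
    # Image model or an upstream filter restricts which grids a user may
    # attach files to.
    @image = Image.new(:grid_id => params[:grid_id])

    # NOTE(review): the upload is untrusted input; content-type and size
    # validation is presumably done in Image (not visible here). Confirm.
    @image.file = params[:file]

    # NOTE(review): render :text sends the JSON body with an HTML content type.
    # Unless an uploader client depends on that, render :json would keep
    # user-influenced strings from ever being interpreted as markup.
    if @image.save
      render :text => {:url => @image.url}.to_json
    else
      render :text => @image.errors.to_json
    end
  end

  private

  # Halts the request with 403 unless a signed-in user may edit grids.
  #
  # A missing current_user is treated as "not allowed" so that an
  # unauthenticated request gets 403 rather than a NoMethodError (500).
  def image_authorize
    return if current_user && current_user.can_edit_grid

    head :forbidden
  end

end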
